package com.hymall.config;

import com.hymall.realm.MallRealm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.Arrays;
import java.util.LinkedHashMap;

/**
 * @author stone
 * @date 2022/06/28 11:06
 */

/**
 * @author: 叶熠彬
 * @date: 2022/7/18 15:28
 * @param:
 * @return:
 */
@Configuration
public class ShiroConfiguration {

    /**
     * ShiroFilter → SecurityManager
     */
    @Bean
    public ShiroFilterFactoryBean adminShiroFilter(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

        filterChainDefinitionMap.put("/admin/auth/login", "anon");
        filterChainDefinitionMap.put("/admin/auth/info", "anon");
        filterChainDefinitionMap.put("/admin/auth/noAuthc", "anon");
        filterChainDefinitionMap.put("/admin/profile/nnotice", "anon");
        filterChainDefinitionMap.put("/admin/**", "authc");


        shiroFilterFactoryBean.setLoginUrl("/admin/auth/noAuthc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return shiroFilterFactoryBean;
    }


    @Bean
    public ShiroFilterFactoryBean wxShiroFilter(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();

        //不用后端做权限限制
        //TODO 权限又被改了。。
        filterChainDefinitionMap.put("/wx/**", "anon");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);

        return shiroFilterFactoryBean;
    }

    /**
     * SecurityManager →
     * Authenticator 可有可无的
     * Authorizer 可有可无的
     * Realms
     * SessionManager
     */
    @Bean
    public DefaultWebSecurityManager securityManager(MallRealm realm,
                                                     DefaultWebSessionManager sessionManager) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealms(Arrays.asList(realm));
        securityManager.setSessionManager(sessionManager);
        return securityManager;
    }


    @Bean
    public DefaultWebSessionManager sessionManager() {
        return new MarketSessionManager();
    }

    /**
     * SessionManager
     * 选择Shiro提供的，看包
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }
}
